mcconnell 2004/03/06 19:02:42
Modified: merlin/activation/impl/src/java/org/apache/avalon/activation/impl
DefaultComponentFactory.java
merlin/composition/impl/src/java/org/apache/avalon/composition/model/impl
DefaultComponentModel.java
DefaultContainmentModel.java
DefaultModelFactory.java DefaultSecurityModel.java
merlin/platform/src/config kernel.xml
merlin/platform/tutorials/security/application/impl/conf
block.xml
merlin/platform/tutorials/security/application/impl
project.xml
merlin/platform/tutorials/security/application/impl/src/java/tutorial/application
Application.java
merlin/platform/tutorials/security/location/impl/src/java/tutorial/location/impl
LocationComponent.java
merlin project.xml
Log:
Put in place better handling of the shutdown and disposal lifecycle actions to
ensure security awarness. Also update the security tutorial and updated the defalt
merlin kernel configuration.
Revision Changes Path
1.5 +87 -10
avalon/merlin/activation/impl/src/java/org/apache/avalon/activation/impl/DefaultComponentFactory.java
Index: DefaultComponentFactory.java
===================================================================
RCS file:
/home/cvs/avalon/merlin/activation/impl/src/java/org/apache/avalon/activation/impl/DefaultComponentFactory.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- DefaultComponentFactory.java 29 Feb 2004 22:25:25 -0000 1.4
+++ DefaultComponentFactory.java 7 Mar 2004 03:02:42 -0000 1.5
@@ -49,6 +49,7 @@
import org.apache.avalon.excalibur.i18n.ResourceManager;
import org.apache.avalon.excalibur.i18n.Resources;
+import org.apache.avalon.framework.activity.Disposable;
import org.apache.avalon.framework.activity.Initializable;
import org.apache.avalon.framework.activity.Executable;
import org.apache.avalon.framework.activity.Startable;
@@ -146,7 +147,7 @@
* @param instance the component instance to etherialize
* @return the new instance
*/
- public void etherialize( Object instance )
+ public void etherialize( final Object instance )
{
try
{
@@ -158,17 +159,71 @@
}
finally
{
- try
+ if( instance instanceof Startable )
{
- ContainerUtil.shutdown( instance );
+ getLogger().debug( "applying shutdown" );
+ try
+ {
+ if( m_secure )
+ {
+ AccessController.doPrivileged(
+ new PrivilegedExceptionAction()
+ {
+ public Object run() throws Exception
+ {
+ ((Startable)instance).stop();
+ return null;
+ }
+ },
+ m_model.getAccessControlContext() );
+ }
+ else
+ {
+ ContainerUtil.stop( instance );
+ }
+ }
+ catch( Throwable e )
+ {
+ if( getLogger().isWarnEnabled() )
+ {
+ final String warning =
+ "Ignoring component source shutdown error.";
+ getLogger().warn( warning, e );
+ }
+ }
}
- catch( Throwable e )
+
+ if( instance instanceof Disposable )
{
- if( getLogger().isWarnEnabled() )
+ getLogger().debug( "applying disposal" );
+ try
{
- final String warning =
- "Ignoring component source shutdown error.";
- getLogger().warn( warning, e );
+ if( m_secure )
+ {
+ AccessController.doPrivileged(
+ new PrivilegedExceptionAction()
+ {
+ public Object run() throws Exception
+ {
+ ((Disposable)instance).dispose();
+ return null;
+ }
+ },
+ m_model.getAccessControlContext() );
+ }
+ else
+ {
+ ContainerUtil.dispose( instance );
+ }
+ }
+ catch( Throwable e )
+ {
+ if( getLogger().isWarnEnabled() )
+ {
+ final String warning =
+ "Ignoring component source disposal error.";
+ getLogger().warn( warning, e );
+ }
}
}
}
@@ -207,6 +262,7 @@
{
if( instance instanceof LogEnabled )
{
+ getLogger().debug( "applying logger" );
if( m_secure )
{
AccessController.doPrivileged(
@@ -226,11 +282,11 @@
}
}
-
applyContext( instance, context );
if( instance instanceof Serviceable )
{
+ getLogger().debug( "applying service manager" );
if( m_secure )
{
AccessController.doPrivileged(
@@ -252,6 +308,7 @@
if( instance instanceof Configurable )
{
+ getLogger().debug( "applying configuration" );
if( m_secure )
{
AccessController.doPrivileged(
@@ -274,6 +331,7 @@
if( instance instanceof Parameterizable )
{
+ getLogger().debug( "applying parameters" );
if( m_secure )
{
AccessController.doPrivileged(
@@ -305,6 +363,7 @@
if( instance instanceof Initializable )
{
+ getLogger().debug( "applying initialization" );
if( m_secure )
{
AccessController.doPrivileged(
@@ -326,6 +385,7 @@
if( Startable.class.isAssignableFrom( clazz ) )
{
+ getLogger().debug( "applying statup" );
if( m_secure )
{
AccessController.doPrivileged(
@@ -346,6 +406,7 @@
}
else if( Executable.class.isAssignableFrom( clazz ) )
{
+ getLogger().debug( "applying execution" );
if( m_secure )
{
AccessController.doPrivileged(
@@ -481,6 +542,19 @@
{
try
{
+ if( args.length == 0 )
+ {
+ getLogger().debug(
+ "instantiating component with a null constructor" );
+ }
+ else
+ {
+ int n = args.length;
+ getLogger().debug(
+ "instantiating component with "
+ + n + " arguments." );
+ }
+
if( m_secure )
{
return AccessController.doPrivileged(
@@ -712,6 +786,8 @@
final DeploymentModel provider = model.getProvider();
if( null == provider )
{
+ getLogger().debug( "applying context" );
+
//
// its classic avalon
//
@@ -747,6 +823,7 @@
}
else
{
+ getLogger().debug( "applying custom context" );
try
{
ContextualizationHandler handler =
1.10 +2 -2
avalon/merlin/composition/impl/src/java/org/apache/avalon/composition/model/impl/DefaultComponentModel.java
Index: DefaultComponentModel.java
===================================================================
RCS file:
/home/cvs/avalon/merlin/composition/impl/src/java/org/apache/avalon/composition/model/impl/DefaultComponentModel.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- DefaultComponentModel.java 29 Feb 2004 22:25:26 -0000 1.9
+++ DefaultComponentModel.java 7 Mar 2004 03:02:42 -0000 1.10
@@ -302,7 +302,7 @@
if( !isAssembled() )
{
final String error =
- "Model is not assembled.";
+ "Model is not assembled " + this;
throw new IllegalStateException( error );
}
1.39 +2 -2
avalon/merlin/composition/impl/src/java/org/apache/avalon/composition/model/impl/DefaultContainmentModel.java
Index: DefaultContainmentModel.java
===================================================================
RCS file:
/home/cvs/avalon/merlin/composition/impl/src/java/org/apache/avalon/composition/model/impl/DefaultContainmentModel.java,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -r1.38 -r1.39
--- DefaultContainmentModel.java 1 Mar 2004 16:31:41 -0000 1.38
+++ DefaultContainmentModel.java 7 Mar 2004 03:02:42 -0000 1.39
@@ -462,7 +462,7 @@
if( !isAssembled() )
{
final String error =
- "Model is not assembled.";
+ "Model is not assembled " + this;
throw new IllegalStateException( error );
}
1.12 +14 -4
avalon/merlin/composition/impl/src/java/org/apache/avalon/composition/model/impl/DefaultModelFactory.java
Index: DefaultModelFactory.java
===================================================================
RCS file:
/home/cvs/avalon/merlin/composition/impl/src/java/org/apache/avalon/composition/model/impl/DefaultModelFactory.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- DefaultModelFactory.java 7 Mar 2004 00:00:58 -0000 1.11
+++ DefaultModelFactory.java 7 Mar 2004 03:02:42 -0000 1.12
@@ -43,6 +43,7 @@
import org.apache.avalon.composition.model.DeploymentModel;
import org.apache.avalon.composition.model.ComponentModel;
import org.apache.avalon.composition.model.ModelException;
+import org.apache.avalon.composition.model.ModelRuntimeException;
import org.apache.avalon.composition.model.DependencyGraph;
import org.apache.avalon.composition.provider.SecurityModel;
import org.apache.avalon.composition.provider.SystemContext;
@@ -170,12 +171,21 @@
{
SecurityProfile profile = profiles[i];
final String name = profile.getName();
- SecurityModel model = new DefaultSecurityModel( profile );
- m_security.put( profile.getName(), model );
if( m_logger.isDebugEnabled() )
{
m_logger.debug(
- "added security profile [" + name + "]." );
+ "adding security profile [" + name + "]." );
+ }
+ try
+ {
+ SecurityModel model = new DefaultSecurityModel( profile );
+ m_security.put( profile.getName(), model );
+ }
+ catch( Throwable e )
+ {
+ final String error =
+ "Cannot include initial security model [" + name + "].";
+ throw new ModelRuntimeException( error, e );
}
}
1.6 +2 -2
avalon/merlin/composition/impl/src/java/org/apache/avalon/composition/model/impl/DefaultSecurityModel.java
Index: DefaultSecurityModel.java
===================================================================
RCS file:
/home/cvs/avalon/merlin/composition/impl/src/java/org/apache/avalon/composition/model/impl/DefaultSecurityModel.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- DefaultSecurityModel.java 29 Feb 2004 22:25:26 -0000 1.5
+++ DefaultSecurityModel.java 7 Mar 2004 03:02:42 -0000 1.6
@@ -126,7 +126,7 @@
catch( Throwable e )
{
final String error =
- "Invalid permission descriptor [" + descriptor + "].";
+ "Invalid permission descriptor " + descriptor + ".";
throw new SystemRuntimeException( error, e );
}
}
1.10 +29 -2 avalon/merlin/platform/src/config/kernel.xml
Index: kernel.xml
===================================================================
RCS file: /home/cvs/avalon/merlin/platform/src/config/kernel.xml,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- kernel.xml 29 Feb 2004 22:34:54 -0000 1.9
+++ kernel.xml 7 Mar 2004 03:02:42 -0000 1.10
@@ -1,11 +1,38 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<kernel>
- <repository>
+
+ <security>
+ <profile name="default">
+ <permissions>
+ <permission class="java.util.PropertyPermission" name="java.*">
+ <action>read</action>
+ </permission>
+ <permission class="java.util.PropertyPermission" name="os.*">
+ <action>read</action>
+ </permission>
+ <permission class="java.util.PropertyPermission" name="file.separator">
+ <action>read</action>
+ </permission>
+ <permission class="java.util.PropertyPermission" name="path.separator">
+ <action>read</action>
+ </permission>
+ <permission class="java.util.PropertyPermission" name="line.separator">
+ <action>read</action>
+ </permission>
+ <permission class="java.util.PropertyPermission" name="user.name">
+ <action>read</action>
+ </permission>
+ </permissions>
+ </profile>
+ </security>
+
+ <repository>
<hosts>
<host path="http://dpml.net/"/>
<host path="http://ibiblio.org/maven/"/>
</hosts>
- </repository>
+ </repository>
+
</kernel>
1.3 +4 -5
avalon/merlin/platform/tutorials/security/application/impl/conf/block.xml
Index: block.xml
===================================================================
RCS file:
/home/cvs/avalon/merlin/platform/tutorials/security/application/impl/conf/block.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- block.xml 1 Mar 2004 23:45:33 -0000 1.2
+++ block.xml 7 Mar 2004 03:02:42 -0000 1.3
@@ -6,15 +6,14 @@
<repository>
<resource id="avalon-framework:avalon-framework-api" version="4.1.5"/>
<resource id="avalon-framework:avalon-framework-impl" version="4.1.5"/>
- <resource id="merlin-tutorial:locator-api" version="1.0"/>
- <resource id="merlin-tutorial:publisher-api" version="1.0"/>
- <resource id="merlin-tutorial:application-impl" version="1.0"/>
+ <resource id="merlin-tutorial:secure-locator-api" version="1.0"/>
+ <resource id="merlin-tutorial:secure-publisher-api" version="1.0"/>
</repository>
</classpath>
</classloader>
- <include name="location" id="merlin-tutorial:locator-impl" version="1.0"/>
- <include name="publisher" id="merlin-tutorial:publisher-impl" version="1.0"/>
+ <include name="location" id="merlin-tutorial:secure-locator-impl"
version="1.0"/>
+ <include name="publisher" id="merlin-tutorial:secure-publisher-impl"
version="1.0"/>
<component name="spain"
class="tutorial.application.Application" activation="startup">
1.3 +1 -1
avalon/merlin/platform/tutorials/security/application/impl/project.xml
Index: project.xml
===================================================================
RCS file:
/home/cvs/avalon/merlin/platform/tutorials/security/application/impl/project.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- project.xml 1 Mar 2004 23:53:04 -0000 1.2
+++ project.xml 7 Mar 2004 03:02:42 -0000 1.3
@@ -4,7 +4,7 @@
<extend>${basedir}/../../../project.xml</extend>
- <id>application-impl</id>
+ <id>secure-application-impl</id>
<name>Composition Application Tutorial</name>
<currentVersion>1.0</currentVersion>
1.2 +2 -2
avalon/merlin/platform/tutorials/security/application/impl/src/java/tutorial/application/Application.java
Index: Application.java
===================================================================
RCS file:
/home/cvs/avalon/merlin/platform/tutorials/security/application/impl/src/java/tutorial/application/Application.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- Application.java 1 Mar 2004 23:04:24 -0000 1.1
+++ Application.java 7 Mar 2004 03:02:42 -0000 1.2
@@ -51,7 +51,7 @@
*/
public void service( ServiceManager manager ) throws ServiceException
{
- getLogger().info( "servicing application" );
+ getLogger().info( "handing service manager" );
LocationService locator = null;
Object object = manager.lookup( "locator" );
@@ -96,7 +96,7 @@
public void dispose()
{
- getLogger().info( "disposal" );
+ getLogger().info( "application disposal" );
}
}
1.2 +1 -1
avalon/merlin/platform/tutorials/security/location/impl/src/java/tutorial/location/impl/LocationComponent.java
Index: LocationComponent.java
===================================================================
RCS file:
/home/cvs/avalon/merlin/platform/tutorials/security/location/impl/src/java/tutorial/location/impl/LocationComponent.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- LocationComponent.java 1 Mar 2004 23:46:35 -0000 1.1
+++ LocationComponent.java 7 Mar 2004 03:02:42 -0000 1.2
@@ -70,7 +70,7 @@
public void dispose()
{
- getLogger().info( "disposal" );
+ getLogger().info( "locator disposal" );
}
}
1.29 +1 -5 avalon/merlin/project.xml
Index: project.xml
===================================================================
RCS file: /home/cvs/avalon/merlin/project.xml,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- project.xml 28 Feb 2004 14:10:18 -0000 1.28
+++ project.xml 7 Mar 2004 03:02:42 -0000 1.29
@@ -242,15 +242,11 @@
</packageGroup>
<packageGroup>
<title>Activation</title>
- <packages>org.apache.avalon.activation.*</packages>
+
<packages>org.apache.avalon.activation,org.apache.avalon.activation.*</packages>
</packageGroup>
<packageGroup>
<title>Composition</title>
<packages>org.apache.avalon.composition.*</packages>
- </packageGroup>
- <packageGroup>
- <title>Extension</title>
- <packages>org.apache.avalon.extension,org.apache.avalon.extension.*</packages>
</packageGroup>
<packageGroup>
<title>Facilities</title>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
